Noob question about the Cloudflare SSL/TLS connection to InfinityFree

I recently enabled Cloudflare on my site https://lovebug.ml and was wondering about the SSL/TLS connection between the two.

I see in the Cloudflare control panel that the connection is set to Flexible.

My understanding of this is that the connection from the browser to Cloudflare is secure but the connection from Cloudflare to my website is insecure. Is this correct? And if so, is it safe to use a forum on my website in this mode (i.e. login details)?

Would I need to use Full or Full (strict) if I plan to start a forum?

Sorry if I’ve got this all wrong.

thanks

True

That would be wise

2 Likes

thanks

Now I’m kind of worried about sites I registered with that I assumed were secure but may have this kind of setup, and my details might have been sent unencrypted.

Is there any way to know from the browser padlock if the site you are on is end to end encrypted or not?

Do I just need to check the certificate for any https site I log in to?

thanks

No.

Does not help as well…

1 Like

Even just using a Cloudflare Client-to-browser Certificate is more secure than not having one at all. Even if a site does only use a Cloudflare Certificate, I wouldn’t worry about login details being insecure.

So like @KangJL said, don’t check every site’s certificate, because it’s a waste of time. If a site has the Padlock, then it has at least basic security.

3 Likes

Hypothetically, yes, the traffic could be intercepted. But from what I know, most of the traffic interception is done for example by someone spying on your own device or in your own network. Both Cloudflare’s systems and our own are patched to fully owned network equipment, so that’s going to be much harder to snoop on.

Of course, full SSL along the entire path is more secure, but I would say that Flexible SSL is at least 80% as secure.

And if you want it to be secure all the way, you can get a free SSL certificate from us, install that on your hosting account and set Cloudflare to use Full (Strict) mode.

4 Likes
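Added example, not part of any post in this thread and not InfinityFree or Cloudflare code: the browser cannot see which mode is in use, but the origin can, by comparing the visitor scheme Cloudflare reports in its `CF-Visitor` / `X-Forwarded-Proto` headers with the scheme of the connection that actually reached the server. The WSGI-style request dicts, the labels and the `allow_login` hook are assumptions made for illustration.

```python
import json

def visitor_scheme(environ):
    """Scheme the browser used to reach Cloudflare, or None if not reported."""
    raw = environ.get("HTTP_CF_VISITOR")          # e.g. {"scheme":"https"}
    if raw:
        try:
            scheme = json.loads(raw).get("scheme")
        except (ValueError, AttributeError):      # malformed or non-object JSON
            scheme = None
        if scheme in ("http", "https"):
            return scheme
    proto = environ.get("HTTP_X_FORWARDED_PROTO", "").split(",")[0].strip().lower()
    return proto if proto in ("http", "https") else None

def classify_hop(environ):
    """Label how one request travelled, as seen from the origin.

    Assumptions: the origin web server terminates TLS itself, so
    wsgi.url_scheme describes the Cloudflare-to-origin connection, and the
    origin accepts traffic only from Cloudflare, otherwise any client can
    forge these headers. The origin cannot tell Full from Full (strict),
    because certificate validation happens on Cloudflare's side.
    """
    visitor = visitor_scheme(environ)
    if visitor is None:
        return "unknown"                # no proxy headers present
    if visitor == "http":
        return "plaintext"              # browser hop not encrypted either
    origin = environ.get("wsgi.url_scheme", "http")
    return "both-hops-encrypted" if origin == "https" else "flexible"

def allow_login(environ):
    """Hypothetical policy hook: take credentials only when both hops use TLS."""
    return classify_hop(environ) == "both-hops-encrypted"

# Constructed sample requests (not captured traffic).
CF_HTTPS = {"HTTP_CF_VISITOR": '{"scheme":"https"}', "HTTP_X_FORWARDED_PROTO": "https"}
FLEXIBLE = dict(CF_HTTPS, **{"wsgi.url_scheme": "http"})
FULL = dict(CF_HTTPS, **{"wsgi.url_scheme": "https"})
PLAIN = {"wsgi.url_scheme": "http", "HTTP_CF_VISITOR": '{"scheme":"http"}'}
DIRECT = {"wsgi.url_scheme": "https"}

if __name__ == "__main__":
    for name, req in [("flexible", FLEXIBLE), ("full", FULL), ("plain", PLAIN), ("direct", DIRECT)]:
        print(name, classify_hop(req), allow_login(req))
```
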

Thanks everyone for your answers, you have been most helpful.

cheers

“And if you want it to be secure all the way, you can get a free SSL certificate from us, install that on your hosting account and set Cloudflare to use Full (Strict) mode.”

Heh, I remember trying that last time until my brains almost exploded 🙂 but I’ll have another go at it if I decide it’s really needed.

thanks

1 Like

I wouldn’t bother with that and would just continue to use CF Flex.

You don’t have any money transactions or online trade, where it would then be desirable to have all communication encrypted with TLS (CF - Origin).

You are not even such a desirable target for someone to invest equipment and time to sniff the traffic between CF and origin.

It is easier to find a hole in the forum engine, or to get in other ways through social engineering.

3 Likes
